Posts by sebastian

I have been having a problem with Plesk 10.4.4 using Postfix and the Plesk Spamassassin:
Mails from SASL Authenticated local domain users was being tagged as Spam by Spamassassin, with, amongst others, RCVD_IN_PBL.

I fixed this by doing two things:

1) adding the following to the /etc/postfix/main.cfsmtpd_sasl_authenticated_header = yes

AND

2) adding the following to /etc/mail/spamassassin/local.cf (replace your.host.name with your hosts FQDN that shows up in mail headers)header SASL_AUTH_RCVD Received =~ /\(Authenticated sender: .*@.*\) by your.host.name \(Postfix\) with/score SASL_AUTH_RCVD -10describe SASL_AUTH_RCVD received from SASL authenticated user

Ever since I started using Lastpass Premium, I have been using Two-Factor Authentication (TFA). First with printed OTPs, then Google Authenticator on my Android.

The only reason why I thusfar not considered using Yubikey as my TFA was the missing ability to use it on my android phone. But especially on the PHONE I want TFA, because it is in much higher danger of being stolen. But the traditional Yubikeys dont work on phones.

But the guys @ Yubico came up with the Yubikey Neo (http://yubico.com/yubikey-neo)

The Yubikey Neo is NFC-enabled and works perfectly in tandem with my Samsung Galaxy Nexus. I can now safely use Lastpass on my Android with TFA, and I don’t have to worry about the security of my passwords when my phone gets stolen.

Then select URI record type, identifier=https:// and URI string lastpass.com/mobile/?otp=

press NEXT twice to get to the programming page and press the RUN button to write the NDEF2 string to your YubiKey NEO.

Enjoy (make sure you have the Lastpass App installed on your Phone)

The Yubikey Neo can be used on any Computer like a normal Yubikey and on any NFC enabled phone. Fantastic, isn’t it ?

~~ sebastian

Update 1, 13.03.2012: Thanks to a comment from Evelina @ Yubico, I changed the above howto to include the need to change your lastpass account settings to “disallow” mobile access. This setting will enforce the YubiKey TFA on mobile devices.

I have recently been using my girlfriends Macbook with Mac OSX Lion (10.7.3) for sorting files on my Synology DS-1511+ NAS. The way OSX handles Volumes/Shares frustrates me, and having to reconnect every time the Macbook leaves standby is even more annoying.

So I started looking for ways to utilize the Mac OSX automount (autofs) tools. With a bit of looking around on the net and a few modifications, this is what I came up with:

So far, so good: Now I have a script that handles the doing, but I have to tell the automounter where to apply this script, so I append a directive to /etc/auto_master, create the designated mountpoint and reload the automounter:

At this point, the automounter is registered for /Volumes/storage/, but since I haven’t actually ACCESSED any of the shares yet, there are no subfolders under /Volumes/storage (automounter creates those after initial access).

Since I want a TRUE automount, I use a little script that can be added to the users startup routine.
This script just reads all available shares from the NAS, and cd’s to each of the corresponding automount subdirectories to create the initial stubs.

1

2

3

4

sudo mdkir-p/usr/local/bin

cd/usr/local/bin

sudo curl-O"http://juerges.net/files/mac_autofs/connect_mounts"

sudo chmod+x/usr/local/bin/connect_mounts

Script Content:

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

#!/bin/bash

# Cycles through SMB shares from server and cds into each as the specified user

# Setting this script as a launch daemon on a calendar schedule can be useful